Then see the file jwgkvsq.vmx in folder2 RECYCLER?
hahaha ... the worm conficker name (the name microsoft). victims of what I saw is directly FT UI Internet network, network Rectorate, pusgiwa network, network PKM, and I believe in out there more. please check the link below the map on the distribution conficker in the world.
This name is derived from some antivirus:
- * W32/Confi
- * W32/Conficker.worm! Inf
- * Win32/Conficker.B - CA
- * Worm: W32/Downadup.AL
- * Net-Worm.Win32.Kido
- * W32/Conficker.worm.gen
- * Kido
* I own a nih vmx virus or virus conficker (although later I taw worm cm)
Dangerous, but the results of what I observed, conficker nyebelin bgd dah:
- * Spreads via USB flash and a local computer network (shit! Kalo km and connected to LAN network in a PC that is infected. Seriously! Conficker spread through LAN.
- * Spread easily from a USB flash autorun because the display is similar to the Open this folder to view files liat the image below
- * Function disable hidden files
- * No Detect most antivirus, because road service in svchost.exe
- * Some time for conficker akan active to update themselves (WTF! This worm can update yourself), there is a PC saat2 mu akan lelet bgd because svchost.exe 99% CPU in the works
- Svchost.exe * What is a 99% successful in the kill-proccess in the task manager, windows audio service stops and your PC sound card not working
- * To block access to some important sites, eg, the address update antivirus
- * Slow computer network so that Internet access in network very slow
How to detect:
- * Check whether the show hidden files work
- * Open regedit, search ". Vmx" I have the results then you are lucky (have conficker ^ ^)
- * Count the number of service svchost.exe is running in taskman, normally 6 on windows xp. more than that means .... (congratz, u have conficker inside)
- Or at previus post i have write Infected Virus Conficker / Kido : Computer Test
How to remove:
- * Please download this W32.Downadup Symantec Removal Tool or please use alternative link
- * Run the removal program to complete. akan number of reports have cleared the virus at the end of the
- * Clear all data in the regedit that contain "jwgkvsq.vmx"
- * Restart
- * Anyone you install SP3
- * Install the security patch from Microsoft MS08-067 depending on your version of windows (if it is to install SP3, then use special security patch SP3)
- * How to stop the spread of conficker through the Group Policy Object (GPO) read here